
Posts From Category: Snippets

Define ApiGateway, Lambda and DynamoDB using AWS CDK

AWS released a developer preview of AWS CDK during re:Invent 2018. A detailed description and the release information can be found here: AWS CDK Developer Preview. AWS CDK makes it possible to define Infrastructure as Code in different programming languages on top of CloudFormation, acting as a kind of compiler.

The introductory session of re:Invent 2018:

Since I found some free time during re:Invent, I played around with this new software development framework, and the result is the following snippet. Here I create a very simple API with only one method, implemented by a Lambda function that has permissions on a DynamoDB table. A very common scenario.

AWS CDK makes a very good impression and I am looking forward to further development. The API reference and the introductory tutorial helped me a lot while trying out CDK.


AWS CloudFormation YAML JSON skeleton

Two simple skeleton templates that can be used as a starting point when creating a new template from scratch. Only the Resources section is required, and it must contain at least one resource. All other sections are optional.

YAML skeleton

The following snippet shows the basic structure of a YAML template:

---
AWSTemplateFormatVersion: "2010-09-09"
Description: A simple skeleton
Metadata:

Parameters:

Mappings:

Conditions:

Transform:

Resources:

Outputs:

JSON skeleton

The following snippet shows the basic structure of a JSON template:

{
  "AWSTemplateFormatVersion" : "2010-09-09",

  "Description" : "A simple skeleton",

  "Metadata" : {
  },

  "Parameters" : {
  },

  "Mappings" : {
  },

  "Conditions" : {
  },

  "Transform" : {
  },

  "Resources" : {
  },

  "Outputs" : {
  }
}

Read more about the AWS CloudFormation Template Anatomy


Implement S3 Bucket Lambda triggers in AWS CloudFormation

Lambda Console with S3 trigger

Implementing S3 Bucket Lambda triggers in AWS CloudFormation can be quite tricky, because circular dependencies or errors like “Unable to validate the following destination configurations” occur very often. If you keep the following two points in mind, working with S3 Lambda triggers in CloudFormation becomes easier.

  • First, specify a name for the Bucket in the CloudFormation template. This allows you to create policies and permissions without worrying about circular dependencies.
  • Secondly, add a DependsOn statement to the Bucket that references the Lambda Permission. This fixes “Unable to validate the following destination configurations” errors, since the bucket is only created once the Lambda Function and all necessary policies, roles and permissions are in place.

Below you will find a GitHub Gist with a working example which takes care of all tips mentioned above. In this example, created *.txt files are read from a bucket and then deleted.

Read more: https://aws.amazon.com/premiumsupport/knowledge-center/unable-validate-destination-s3/
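A template that applies both tips, written as an added example and not the Gist referenced in the post. The logical IDs, the BucketName parameter, the runtime and the inline handler are assumptions; the permission is also scoped with SourceArn and SourceAccount so that only this bucket in this account can invoke the function.

```yaml
Parameters:
  BucketName: { Type: String }   # assumed parameter; tip 1: the bucket gets a fixed name
Resources:
  FunctionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement: [ { Effect: Allow, Principal: { Service: lambda.amazonaws.com }, Action: "sts:AssumeRole" } ]
      ManagedPolicyArns: [ "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ]
      Policies:
        - PolicyName: read-delete-objects
          PolicyDocument:
            Version: "2012-10-17"
            Statement:   # ARN is built from the name, not !GetAtt Bucket.Arn, so no cycle
              - { Effect: Allow, Action: [ "s3:GetObject", "s3:DeleteObject" ], Resource: !Sub "arn:aws:s3:::${BucketName}/*" }
  Function:
    Type: AWS::Lambda::Function
    Properties:
      Runtime: python3.12
      Handler: index.handler
      Role: !GetAtt FunctionRole.Arn
      Code:
        ZipFile: |
          import boto3, urllib.parse
          s3 = boto3.client("s3")
          def handler(event, context):
              for r in event["Records"]:
                  # object keys arrive URL-encoded in S3 event notifications
                  b, k = r["s3"]["bucket"]["name"], urllib.parse.unquote_plus(r["s3"]["object"]["key"])
                  print(k, len(s3.get_object(Bucket=b, Key=k)["Body"].read()))
                  s3.delete_object(Bucket=b, Key=k)
  InvokePermission:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName: !GetAtt Function.Arn
      Action: lambda:InvokeFunction
      Principal: s3.amazonaws.com
      SourceAccount: !Ref AWS::AccountId            # bucket ARNs carry no account id
      SourceArn: !Sub "arn:aws:s3:::${BucketName}"  # only this bucket may invoke
  Bucket:
    Type: AWS::S3::Bucket
    DependsOn: InvokePermission   # tip 2: permission exists before S3 validates the destination
    Properties:
      BucketName: !Ref BucketName
      NotificationConfiguration:
        LambdaConfigurations:
          - Event: "s3:ObjectCreated:*"
            Function: !GetAtt Function.Arn
            Filter: { S3Key: { Rules: [ { Name: suffix, Value: .txt } ] } }
```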


Use or output Amazon MQ Endpoints in AWS CloudFormation

Amazon MQ with ActiveMQ under the hood offers several different protocols, each with its own endpoint. Unfortunately, you can’t reference or output them directly in AWS CloudFormation. To make this possible I use the following variants in a Single Broker setup, where AMQBroker is a CloudFormation resource of type AWS::AmazonMQ::Broker:

and these in an active/standby setup for high availability:


Output Amazon API Gateway Domain Name URL in AWS CloudFormation

Unfortunately, it is currently not possible to output or use the domain name / URL of an Amazon API Gateway via Fn::GetAtt in AWS CloudFormation. Therefore I provide the following CloudFormation snippets that enable you to do exactly this. The snippets use a resource called RestApi of type AWS::ApiGateway::RestApi and a resource Stage of type AWS::ApiGateway::Stage.


SQS Queue as Lambda Trigger in AWS CloudFormation

Lambda Console with SQS trigger

AWS recently announced that the Amazon Simple Queue Service (SQS) is now available as a supported event source for AWS Lambda Functions. You can read the related blog post here: https://aws.amazon.com/blogs/aws/aws-lambda-adds-amazon-simple-queue-service-to-supported-event-sources/

Since then I have seen many instructions explaining how to integrate this trigger via AWS Serverless Application Model (AWS SAM). Using this approach I noticed that when rolling out the SAM template via AWS CloudFormation a resource of type AWS::Lambda::EventSourceMapping is created. Since this resource is supported by AWS CloudFormation it should be possible to create the SQS Lambda trigger without SAM.

So I tried it successfully and got the following CloudFormation example template:

One thing to watch out for is that the Lambda function timeout must not be greater than the visibility timeout on the queue. The solution can be tested by sending a test message via the SQS Queue using the SQS Console.

Sending a test message via the SQS Console

Check if the Lambda Function has been invoked


AWS CloudFormation conditional arrays

Sometimes a property in CloudFormation requires an array, and often the size of that array has to vary, determined for example by input parameters. One instance is AWS::AmazonMQ::Broker, where you need to define an array of SubnetIds: a single id must be specified if SINGLE_INSTANCE is selected, and several ids if ACTIVE_STANDBY_MULTI_AZ is selected.

Using the notation proposed in the documentation this cannot be achieved:

SubnetIds:
        -  !Ref PrivSubnetA
        -  !If [ DeployAmqMultiAzCondition, !Ref PrivSubnetB, ]

But the problem can be solved as follows:

SubnetIds: !If [ DeployAmqMultiAzCondition, [ !Ref PrivSubnetA, !Ref PrivSubnetB ],  [ !Ref PrivSubnetA ]]


Delete a release tag on GitHub

Everyone knows how easy it is to create a release on GitHub, but how can you revoke it?

This can be implemented quite easily in just a few steps:

git tag -d 1.0.0
git push origin :refs/tags/1.0.0

The first command deletes the respective tag locally, the second pushes the deletion to GitHub. Afterwards the release, which is now marked as “Draft”, can be deleted via the GitHub UI.

revoke release on GitHub
